CAT|III

Title

DISA Severity Level 3

Description

Any vulnerability, the existence of which degrades measures to protect against loss of Confidentiality, Availability, or Integrity.

Reference Item Details

Reference: CAT - DISA Severity Level

Category: Severity Level

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.2 Ensure all configurations are made to the appropriate server profile	Unix	Redhat JBoss EAP 5.x
1.4 Ensure Technology Preview components are disabled in production environments	Unix	Redhat JBoss EAP 5.x
1.5 Disable Hot Deployment in production	Unix	Redhat JBoss EAP 5.x
1.6 Production applications should not implement the default SRPVerifierStore interface for the Secure Remote Password (SRP) protocol	Unix	Redhat JBoss EAP 5.x
1.9 Ensure appropriate DefaultDS is enabled	Unix	Redhat JBoss EAP 5.x
1.11 Ensure default HSQLDB is disabled	Unix	Redhat JBoss EAP 5.x
1.11 Ensure default HSQLDB is disabled - 'JBOSS_HOME/common/lib/hsqldb-plugin.jar'	Unix	Redhat JBoss EAP 5.x
1.11 Ensure default HSQLDB is disabled - 'JBOSS_HOME/common/lib/hsqldb.jar'	Unix	Redhat JBoss EAP 5.x
1.11 Ensure default HSQLDB is disabled - 'JBOSS_HOME/server/@PROFILE@/deploy/hsqldb-ds.xml'	Unix	Redhat JBoss EAP 5.x
1.11 Ensure default HSQLDB is disabled - 'JBOSS_HOME/server/@PROFILE@/deploy/messaging/hsqldb-persistence-service.xml'	Unix	Redhat JBoss EAP 5.x
1.12 Ensure HSQLDB Security Domain is removed - 'HsqlDbRealm = false'	Unix	Redhat JBoss EAP 5.x
1.013 - System information backups are not created, updated, and protected according to DISA requirements.	Windows	DISA Windows Vista STIG v6r41
1.013 - System information backups are not created, updated, and protected according to DISA requirements.	Windows	DISA Windows Server 2008 MS STIG v6r46
1.013 - System information backups are not created, updated, and protected according to DISA requirements.	Windows	DISA Windows Server 2008 DC STIG v6r47
1.013 - System information backups are not created, updated, and protected according to DISA requirements.	Windows	DISA Windows 7 STIG v1r32
1.013 - System information backups will be created, updated, and protected.	Windows	DISA Windows Server 2008 R2 MS STIG v1r33
1.013 - System information backups will be created, updated, and protected.	Windows	DISA Windows Server 2008 R2 DC STIG v1r34
1.14 - Ensure Oracle Database persistence plugin is set correctly - 'DatabasePersistencePlugin'	Unix	Redhat JBoss EAP 5.x
1.016 - Security configuration tools are not being used to configure platforms for security compliance.	Windows	DISA Windows 7 STIG v1r32
1.016 - Security configuration tools or equivalent processes must be used to configure and maintain platforms for security compliance.	Windows	DISA Windows Server 2008 MS STIG v6r46
1.016 - Security configuration tools or equivalent processes must be used to configure and maintain platforms for security compliance.	Windows	DISA Windows Server 2008 DC STIG v6r47
1.016 - Security configuration tools or equivalent processes must be used to configure and maintain platforms for security compliance.	Windows	DISA Windows Vista STIG v6r41
1.016 - Security configuration tools or equivalent processes will be used to configure platforms for security compliance.	Windows	DISA Windows Server 2008 R2 DC STIG v1r34
1.016 - Security configuration tools or equivalent processes will be used to configure platforms for security compliance.	Windows	DISA Windows Server 2008 R2 MS STIG v1r33
2.28 Ensure all required information is displayed in <layout> - 'ConversionPattern = %d %-5p \[%c\] \(%t:%x\) %m%n'	Unix	Redhat JBoss EAP 5.x
2.29 Production applications should not log output to the JBoss console - 'JBoss console output log = false'	Unix	Redhat JBoss EAP 5.x
2.1022 - The system must mount /dev/shm with the nodev option. - fstab	Unix	Tenable Fedora Linux Best Practices v2.0.0
2.1022 - The system must mount /dev/shm with the nodev option. - mount	Unix	Tenable Fedora Linux Best Practices v2.0.0
2.1023 - The system must mount /dev/shm with the nosuid option. - fstab	Unix	Tenable Fedora Linux Best Practices v2.0.0
2.1023 - The system must mount /dev/shm with the nosuid option. - mount	Unix	Tenable Fedora Linux Best Practices v2.0.0
2.1024 - The system must mount /dev/shm with the noexec option. - fstab	Unix	Tenable Fedora Linux Best Practices v2.0.0
2.1024 - The system must mount /dev/shm with the noexec option. - mount	Unix	Tenable Fedora Linux Best Practices v2.0.0
2.1340 - The system must use a separate file system for /tmp (or equivalent).	Unix	Tenable Fedora Linux Best Practices v2.0.0
2.1600 - The system must be configured so that the file integrity tool is configured to verify Access Control Lists (ACLs) - installed	Unix	Tenable Fedora Linux Best Practices v2.0.0
2.1610 - The system must be configured so that the file integrity tool is configured to verify extended attributes - installed	Unix	Tenable Fedora Linux Best Practices v2.0.0
3.003 - System pagefile is cleared upon shutdown.	Windows	DISA Windows 7 STIG v1r32
3.003 - System pagefile is cleared upon shutdown.	Windows	DISA Windows Vista STIG v6r41
3.004 - Secure Removable Media - CD-ROM	Windows	DISA Windows Vista STIG v6r41
3.004 - Secure Removable Media - CD-ROM	Windows	DISA Windows 7 STIG v1r32
3.006 - Floppy media devices are not allocated upon user logon.	Windows	DISA Windows 7 STIG v1r32
3.006 - Floppy media devices are not allocated upon user logon.	Windows	DISA Windows Vista STIG v6r41
3.007 - The shutdown option will not be available from the logon dialog box.	Windows	DISA Windows Server 2008 R2 DC STIG v1r34
3.007 - The shutdown option will not be available from the logon dialog box.	Windows	DISA Windows Server 2008 R2 MS STIG v1r33
3.007 - The system allows shutdown from the logon dialog box.	Windows	DISA Windows 7 STIG v1r32
3.007 - The system allows shutdown from the logon dialog box.	Windows	DISA Windows Server 2008 DC STIG v6r47
3.007 - The system allows shutdown from the logon dialog box.	Windows	DISA Windows Vista STIG v6r41
3.007 - The system allows shutdown from the logon dialog box.	Windows	DISA Windows Server 2008 MS STIG v6r46
3.013 - Caching of logon credentials must be limited.	Windows	DISA Windows 7 STIG v1r32
3.013 - Caching of logon credentials must be limited.	Windows	DISA Windows Server 2008 DC STIG v6r47
3.013 - Caching of logon credentials must be limited.	Windows	DISA Windows Server 2008 R2 MS STIG v1r33

Detections

Analytics

CAT|III

Title

Description

Reference Item Details

Audit Items